netero1010 / EDRSilencer

A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
MIT License
1.46k stars 185 forks

Does not work. #18

Closed ExceptionalHandler closed 4 days ago

ExceptionalHandler commented 2 weeks ago


I compiled the code. It pushes the WFP filter.

Still could not block curl.exe.

netero1010 commented 1 week ago

It works in my test. Can you help to double check if the WFP filter is successfully created and the binary path is correct using tools such as WFPExp.exe, netsh.exe?

netero1010 commented 4 days ago

From your screenshot, you are properly using Windows to compile EDRSilencer. The same issue is raised in #21 and it is fixed in the latest commit 0e73a70. Please re-test with the new code or simply try the new pre-compiled version.

Thank you!